Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×

Submission + - Banks Conspire 2

Submitted by Jim Sadler
Jim Sadler writes: I'll keep it short. Why do banks, charge cards and others have such lousy password software? My bank allows twenty letters or numbers but not all combinations of letters and numbers. Then on top of that one can not use symbols or ASCI symbols in ones password. Needless to say pass phrases are also banned. For example "JackandJillwentupthehilltofetch1394pounds of worms." would be very hard to crack and very easy to recall.
              I can't imagine why such passwords would be so hard to handle for financial institutions and they have everything in the world to lose from sloppy security. So just why, considering that these institutions complain of mega money being lost, do they not have a better password system? Do they somehow gain when money goes missing?

Submission + - In a First: FDA issues Safety Advisory for Cyber Risk of Drug Pumps (securityledger.com)

Submitted by chicksdaddy
chicksdaddy writes: In what may be a first, the Food and Drug Administration (FDA) has issued a Safety Communication regarding vulnerabilities in a drug infusion pump by the firm Hospira that could make it easy prey for hackers, The Security Ledger reports.

The FDA Safety Communications notice regarding the Hospira LifeCare PCA3 and PCA5 Infusion Pump Systems (http://www.fda.gov/medicaldevices/safety/alertsandnotices/ucm446809.htm) was published on Wednesday. The notice advises hospitals that are using the pump to isolate it from the Internet and “untrusted systems.” It follows disclosures by two, independent security researchers in recent months of a raft of software security vulnerabilities in the pumps, including Telnet and FTP services that were accessible without authentication.

The FDA said it and Hospira “have become aware of security vulnerabilities in Hospira’s LifeCare PCA3 and PCA5 Infusion Pump Systems” as well as the publication of “software codes, which, if exploited, could allow an unauthorized user to interfere with the pump’s functioning.”

An unauthorized user with malicious intent could “access the pump remotely and modify the dosage it delivers, which could lead to over- or under-infusion of critical therapies,” the safety advisory warned.

The advisory follows a warning by the Department of Homeland Security in April. DHS’s Industrial Control System Computer Emergency Response Team (ICS-CERT) warned of drug infusion pump management software sold by Hospira contains serious and exploitable vulnerabilities that could be used to remotely take control of the devices.).

The FDA notice regarding the Hospira LifeCare PCA3 and PCA5 Infusion Pump Systems was published on Wednesday. The notice advises hospitals that are using the pump to isolate it from the Internet and “untrusted systems.” It follows disclosures by two, independent security researchers in recent months of a raft of software security vulnerabilities in the pumps, including Telnet and FTP services that were accessible without authentication.

The FDA said it and Hospira “have become aware of security vulnerabilities in Hospira’s LifeCare PCA3 and PCA5 Infusion Pump Systems” as well as the publication of “software codes, which, if exploited, could allow an unauthorized user to interfere with the pump’s functioning.”

An unauthorized user with malicious intent could “access the pump remotely and modify the dosage it delivers, which could lead to over- or under-infusion of critical therapies,” the safety advisory warned.

The advisory follows a warning by the Department of Homeland Security in April. DHS’s Industrial Control System Computer Emergency Response Team (ICS-CERT) warned of drug infusion pump management software sold by Hospira contains serious and exploitable vulnerabilities that could be used to remotely take control of the devices.(https://securityledger.com/2015/04/drug-pumps-vulnerable-to-trivial-hacks-dhs-warns/)

he issuance of a “Safety Communication” for software vulnerabilities is novel. The communications are typically used to issue specific and actionable guidance concerning safety related issues with medical devices or products used by health professionals in the field.
This is believed to be the first such communication issued for a software vulnerability in a specific product. In June, 2013, the FDA issued a safety communication regarding cybersecurity of hospital networks and medical devices. (http://www.fda.gov/medicaldevices/safety/alertsandnotices/ucm356423.htm)

Comment A good patent is worth a lot. (Score 1) 125

by Z00L00K (#49687381) Attached to: Ask Slashdot: Security Certification For an Old Grad?

If the patent is really good it can be worth over 10 times the graduation score you had over 10 years ago.

Add an up to date certification and a good CV and you may not have too much trouble getting a decent job unless you have a very disagreeable personality for a first impression.

I did graduate on a college level back in '87 and the last 15 years nobody have had any concerns about what I did graduate with. It's only people that graduates with titles like "Doctor" in a certain area that can ride on that for the rest of their working life.

Just show up at job interview in decent looking clothing without too many weird looking tattoos exposed. Not too strict, not too relaxed, one notch above what people usually wear to the workplace in question. Dressing too far above will cause the interviewer to feel uneasy.

Comment Re:Satellites (Score 1) 403

Geostationary satellites collects in orbit at some places quite some distance out, and can be there for a very long time. Moon pull and solar wind may impact them, but it can take a long time before they leave their positions.

Satellites at the Lagrange points are probably going to stick around even longer.

Submission + - How birds got their beaks (sciencemag.org) 1

Submitted by sciencehabit
sciencehabit writes: When birds got their wings, they lost the clawed fingers wielded by their dinosaur relatives. But they evolved a new "finger"—in their face. And what a boon that has been. Agile beaks of all shapes and sizes, from the gulping gape of a pelican to the needle nose of a hummingbird, have enabled the 10,000 avian species to thrive from the arctic to the tropics, build intricate nests, and eat many different foods. Now, researchers may have identified genes that transformed an ancestral snout into a bird's bill. By manipulating the genes’ proteins, they have seemingly turned back the evolutionary clock, producing snouts in developing chicken embryos that resemble those of alligators today.

Submission + - Australia: Your digital games (and movies!) will get more expensive (playerattack.com)

Submitted by dotarray
dotarray writes: Australians really are about to start paying more for digital services — including Steam games — as Federal Treasurer Joe Hockey has confirmed plans to introduce a "Netflix tax" in this week's Federal Budget.

As mentioned last week, this is not a new tax, but an extension of Australia's current Goods and Services Tax to include digital services, adding 10% to virtual items and services purchased online. Details have not yet been revealed, but potential services include not only Steam games but also Netflix subscriptions and even Uber trips.

Slashdot Top Deals

To write good code is a worthy challenge, and a source of civilized delight. -- stolen and paraphrased from William Safire

Close